Hi,
Have just done a fresh install of Ossec on Ubuntu 10.4 but when ever
the service is started I get the following errors:
Starting OSSEC HIDS v2.6 (by Trend Micro Inc.)...
Started ossec-maild...
Started ossec-execd...
Started ossec-analysisd...
Started ossec-logcollector...
Started ossec-remot
Thanks all for your responses. Just to be clear: I am not currently
under attack. When my boss found out that I'd enabled something that
could block IP's from our web site, he became anxious. I just wanted
to explore the possibility that Active Response could cause more
problems than it prevents.
ed
by the two most prominent ISP's in the area.
Thanks,
Toby
Is there a way to tell OSSEC that I'm going to run Windows Updates or
yum upgrade or apt-get upgrade so that it doesn't complain about all
the changed files?